Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A9198847/DDFBB0B8D78111E9B423AC4BC4F9AE02/3971266E4A4A11EE9424B146C4F9AE02.roa
File: 3971266E4A4A11EE9424B146C4F9AE02.roa (raw, json)
Hash identifier: xJAQkN0avxEAaU/KGSNL89nSufzY1Um0R4WNQiuUDX4=
Subject key identifier: 96:6A:47:C4:41:34:32:3C:99:38:61:7C:22:62:E1:1E:EC:DC:B1:F0
Certificate issuer: /CN=A9198847/serialNumber=A6EF06B689581821C78C88291BBDF5C512A33F41
Certificate serial: 0D25
Authority key identifier: A6:EF:06:B6:89:58:18:21:C7:8C:88:29:1B:BD:F5:C5:12:A3:3F:41
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pu8GtolYGCHHjIgpG731xRKjP0E.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A9198847/DDFBB0B8D78111E9B423AC4BC4F9AE02/3971266E4A4A11EE9424B146C4F9AE02.roa
Signing time: Tue 10 Dec 2024 18:19:02 +0000
ROA not before: Tue 10 Dec 2024 18:19:02 +0000
ROA not after: Wed 28 May 2025 00:00:00 +0000
asID: 138640
IP address blocks: 43.246.200.0/24 maxlen: 24
43.246.201.0/24 maxlen: 24
43.246.202.0/24 maxlen: 24
103.109.56.0/24 maxlen: 24
103.109.57.0/24 maxlen: 24
103.109.59.0/24 maxlen: 24
103.111.13.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Dec 2024 16:31:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3365 (0xd25)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9198847
Validity
Not Before: Dec 10 18:19:02 2024 GMT
Not After : May 28 00:00:00 2025 GMT
Subject: CN=67588615-5452
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7c:b8:05:20:97:d0:3e:c4:78:a2:64:d8:46:
e2:5a:e5:f6:ec:ef:aa:55:fe:ba:65:79:2d:2e:dd:
68:f9:e0:4c:bf:8e:09:fb:9d:d5:4f:85:6d:54:8c:
78:05:ab:78:95:94:85:e5:b0:31:87:2c:70:1f:ae:
d3:34:8e:6f:81:49:69:fe:0f:46:9d:15:de:b7:1a:
47:f3:71:e6:b0:80:2b:4d:7d:00:0e:ce:2c:88:b7:
3f:35:8e:df:cf:5d:7b:fa:a7:66:31:f3:c0:8e:9f:
37:62:40:d7:3c:46:87:31:6b:dd:5d:b3:6f:88:f8:
36:9c:70:28:07:27:17:6c:fd:7a:86:cd:d4:58:4c:
cc:14:15:df:f3:83:05:0e:b8:4b:b4:b2:a5:6f:3c:
f7:7c:08:7f:ff:6c:ab:ca:6d:45:44:7a:dd:5b:b7:
a3:61:bb:06:fd:f6:42:4b:80:c8:8d:4d:35:4e:1a:
c1:fc:80:f1:e0:d6:f6:e7:a5:19:da:c8:c5:f7:40:
60:ea:86:8a:4b:0d:eb:e9:5c:98:d6:31:43:e3:e9:
63:66:28:4c:8a:06:3e:56:21:a1:78:c2:f3:9b:44:
40:03:c5:fa:d8:87:a6:b3:ca:30:80:a1:4b:cc:00:
2e:1b:d7:b9:69:c7:7e:2a:db:f0:4b:a3:f6:d4:e2:
a6:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:6A:47:C4:41:34:32:3C:99:38:61:7C:22:62:E1:1E:EC:DC:B1:F0
X509v3 Authority Key Identifier:
keyid:A6:EF:06:B6:89:58:18:21:C7:8C:88:29:1B:BD:F5:C5:12:A3:3F:41
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A9198847/DDFBB0B8D78111E9B423AC4BC4F9AE02/pu8GtolYGCHHjIgpG731xRKjP0E.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pu8GtolYGCHHjIgpG731xRKjP0E.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9198847/DDFBB0B8D78111E9B423AC4BC4F9AE02/3971266E4A4A11EE9424B146C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.246.200.0-43.246.202.255
103.109.56.0/23
103.109.59.0/24
103.111.13.0/24
Signature Algorithm: sha256WithRSAEncryption
46:66:4a:f4:bf:67:43:ea:93:34:a3:2e:98:12:c3:1e:96:97:
c7:98:03:ee:e4:54:5c:ee:fd:4a:bd:18:4e:87:1d:5c:f1:be:
7b:d7:b4:f3:c4:5f:29:1a:3c:71:8c:92:0b:bd:3e:1b:c3:c3:
1d:64:b3:eb:d2:96:12:3d:dc:f4:26:be:2b:cb:b0:07:c4:d6:
03:c3:af:9d:42:e0:72:7e:7a:e9:92:73:22:51:40:97:99:71:
d7:07:2a:b1:1c:77:a5:7f:cf:c9:34:27:74:15:05:5a:22:d1:
d0:56:45:e7:43:d9:b1:5b:5f:88:d4:bc:92:27:37:40:53:5c:
33:6c:3f:9e:6f:7e:b2:06:d4:da:dd:47:cb:d3:e6:25:ee:76:
e4:68:c5:7c:cf:fe:95:61:d2:56:e4:37:71:98:9b:25:4e:4d:
61:53:a7:4e:c7:37:c3:b9:80:2c:a5:75:9e:7e:63:b9:32:33:
c8:5d:02:20:bd:d4:e2:f7:21:73:f1:87:d8:7e:c5:d4:d3:54:
31:9a:af:3d:35:c8:1d:df:d8:01:a9:8b:f5:83:76:7b:f6:c7:
0a:c3:c9:32:58:c4:68:dc:3b:31:3b:63:b9:11:53:97:62:c7:
68:9b:97:73:d7:7a:37:5f:54:15:4b:5c:2d:76:39:b2:c7:7a:
64:ad:36:12
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgICDSUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
OTg4NDcxMTAvBgNVBAUTKEE2RUYwNkI2ODk1ODE4MjFDNzhDODgyOTFCQkRGNUM1
MTJBMzNGNDEwHhcNMjQxMjEwMTgxOTAyWhcNMjUwNTI4MDAwMDAwWjAYMRYwFAYD
VQQDEw02NzU4ODYxNS01NDUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArny4BSCX0D7EeKJk2EbiWuX27O+qVf66ZXktLt1o+eBMv44J+53VT4VtVIx4
Bat4lZSF5bAxhyxwH67TNI5vgUlp/g9GnRXetxpH83HmsIArTX0ADs4siLc/NY7f
z117+qdmMfPAjp83YkDXPEaHMWvdXbNviPg2nHAoBycXbP16hs3UWEzMFBXf84MF
DrhLtLKlbzz3fAh//2yrym1FRHrdW7ejYbsG/fZCS4DIjU01ThrB/IDx4Nb256UZ
2sjF90Bg6oaKSw3r6VyY1jFD4+ljZihMigY+ViGheMLzm0RAA8X62Iems8owgKFL
zAAuG9e5acd+KtvwS6P21OKmFwIDAQABo4ICrzCCAqswHQYDVR0OBBYEFJZqR8RB
NDI8mThhfCJi4R7s3LHwMB8GA1UdIwQYMBaAFKbvBraJWBghx4yIKRu99cUSoz9B
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5ODg0Ny9EREZCQjBCOEQ3
ODExMUU5QjQyM0FDNEJDNEY5QUUwMi9wdThHdG9sWUdDSEhqSWdwRzczMXhSS2pQ
MEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3B1OEd0b2xZR0NISGpJZ3BHNzMxeFJLalAwRS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
OTg4NDcvRERGQkIwQjhENzgxMTFFOUI0MjNBQzRCQzRGOUFFMDIvMzk3MTI2NkU0
QTRBMTFFRTk0MjRCMTQ2QzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwOQYIKwYBBQUHAQcBAf8E
KjAoMCYEAgABMCAwDAMEAyv2yAMEACv2ygMEAWdtOAMEAGdtOwMEAGdvDTANBgkq
hkiG9w0BAQsFAAOCAQEARmZK9L9nQ+qTNKMumBLDHpaXx5gD7uRUXO79Sr0YTocd
XPG+e9e088RfKRo8cYySC70+G8PDHWSz69KWEj3c9Ca+K8uwB8TWA8OvnULgcn56
6ZJzIlFAl5lx1wcqsRx3pX/PyTQndBUFWiLR0FZF50PZsVtfiNS8kic3QFNcM2w/
nm9+sgbU2t1Hy9PmJe525GjFfM/+lWHSVuQ3cZibJU5NYVOnTsc3w7mALKV1nn5j
uTIzyF0CIL3U4vchc/GH2H7F1NNUMZqvPTXIHd/YAamL9YN2e/bHCsPJMljEaNw7
MTtjuRFTl2LHaJuXc9d6N19UFUtcLXY5ssd6ZK02Eg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 00:50:10 2025 by rpki-client